package org.wwb.antbox.center.web.config;

import org.ant.boot.starter.shiro.config.AntShiroJwtAutoConfiguration;
import org.ant.boot.starter.shiro.properties.ShiroAuthProperties;
import org.ant.boot.starter.shiro.properties.ShiroProperties;
import org.ant.shiro.filter.AntUserFilter;
import org.ant.shiro.filter.IpFilter;
import org.ant.shiro.filter.JwtFilter;
import org.ant.shiro.jwt.TokenManagerShiro;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.wwb.antbox.center.web.shiro.LocalLoginFilter;
import javax.servlet.Filter;
import java.util.LinkedHashMap;

/**
 * @Author Bond
 * @Date: 2020/3/3 16:29
 * @Description: Center Shiro 自动配置类
 */
@Configuration
@EnableConfigurationProperties({
        ShiroProperties.class})
@AutoConfigureAfter({AntShiroJwtAutoConfiguration.class})
public class CenterShiroAutoConfiguration {

    @Autowired
    private ShiroProperties shiroProperties;

    @Autowired
    private TokenManagerShiro tokenManagerShiro;

    /**
     * Filter工厂，设置对应的过滤条件和跳转条件
     * @return
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        // 过滤器必须是再次new,不能使用Bean
        IpFilter ipFilter = new IpFilter();

        LocalLoginFilter localLoginFilter = new LocalLoginFilter();
        localLoginFilter.setRefreshTokenExpireTime("1800");
        localLoginFilter.setTokenManagerShiro(tokenManagerShiro);

        JwtFilter jwtFilter = new JwtFilter();
        jwtFilter.setRefreshTokenExpireTime("1800");
        jwtFilter.setTokenManagerShiro(tokenManagerShiro);

        AntUserFilter antUserFilter = new AntUserFilter();
        antUserFilter.setTokenManagerShiro(tokenManagerShiro);

        /**
         * 自定义过滤器配置
         */
        LinkedHashMap<String, Filter> myDefineFilters = new LinkedHashMap<>();
        myDefineFilters.put(IpFilter.BEAN_NAME,ipFilter);
        myDefineFilters.put(LocalLoginFilter.BEAN_NAME,localLoginFilter);
        myDefineFilters.put(JwtFilter.BEAN_NAME,jwtFilter);
        myDefineFilters.put(AntUserFilter.BEAN_NAME,antUserFilter);

        /**
         * 自定义过滤条件配置
         */
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        // 网站图标
        filterChainDefinitionMap.put("/*.ico", "anon");
        filterChainDefinitionMap.put("/*.js","anon");
        filterChainDefinitionMap.put("/*.jpg","anon");
        // 登录
        filterChainDefinitionMap.put("/passport/login*",
                String.join(",",
                        IpFilter.BEAN_NAME,
                        LocalLoginFilter.BEAN_NAME));
        // 退出
        filterChainDefinitionMap.put("/passport/logout.html","anon");
        filterChainDefinitionMap.put("/**",
                String.join(",",
                        IpFilter.BEAN_NAME,
                        JwtFilter.BEAN_NAME,
                        AntUserFilter.BEAN_NAME
                )
        );


        ShiroAuthProperties shiroAuth = shiroProperties.getShiroAuth();

        // 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
        shiroFilterFactoryBean.setLoginUrl(shiroAuth.getLoginUrl());
        // 登录成功后要跳转的链
        shiroFilterFactoryBean.setSuccessUrl(shiroAuth.getSuccessUrl());
        // 未授权界面;
        shiroFilterFactoryBean.setUnauthorizedUrl(shiroAuth.getUnauthorizedUrl());

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        // 自定义过滤器集合
        shiroFilterFactoryBean.setFilters(myDefineFilters);

        return shiroFilterFactoryBean;
    }
}
